[Devel] [PATCH RH8] ve: allow writing to features and iptables_mask in pseudosuper state

[Pavel Tikhomirov]

This is needed by criu to be able to restore those ops from
vz-rst-action action script setup on setup-namespaces stage.
This is effectively a port from vz7 kernel.

While on it let's also fix missprint in ve_features_write name.

https://jira.sw.ru/browse/PSBM-120728

Signed-off-by: Pavel Tikhomirov <ptikhomirov at virtuozzo.com>
---
 kernel/ve/ve.c | 10 ++++++----
 1 file changed, 6 insertions(+), 4 deletions(-)

diff --git a/kernel/ve/ve.c b/kernel/ve/ve.c
index f8426871d9b2c..13a36f8dfdb06 100644
--- a/kernel/ve/ve.c
+++ b/kernel/ve/ve.c
@@ -986,11 +986,12 @@ static u64 ve_reatures_read(struct cgroup_subsys_state *css, struct cftype *cft)
 	return css_to_ve(css)->features;
 }
 
-static int ve_reatures_write(struct cgroup_subsys_state *css, struct cftype *cft, u64 val)
+static int ve_features_write(struct cgroup_subsys_state *css, struct cftype *cft, u64 val)
 {
 	struct ve_struct *ve = css_to_ve(css);
 
-	if (!ve_is_super(get_exec_env()))
+	if (!ve_is_super(get_exec_env()) &&
+	    !ve->is_pseudosuper)
 		return -EPERM;
 
 	down_write(&ve->op_sem);
@@ -1013,7 +1014,8 @@ static int ve_iptables_mask_write(struct cgroup_subsys_state *css, struct cftype
 {
 	struct ve_struct *ve = css_to_ve(css);
 
-	if (!ve_is_super(get_exec_env()))
+	if (!ve_is_super(get_exec_env()) &&
+	    !ve->is_pseudosuper)
 		return -EPERM;
 
 	down_write(&ve->op_sem);
@@ -1341,7 +1343,7 @@ static struct cftype ve_cftypes[] = {
 		.name			= "features",
 		.flags			= CFTYPE_NOT_ON_ROOT,
 		.read_u64		= ve_reatures_read,
-		.write_u64		= ve_reatures_write,
+		.write_u64		= ve_features_write,
 	},
 	{
 		.name			= "os_release",
-- 
2.26.2